子弹同样可以中断互联网 传统攻击或成为网络新威胁
2014-01-02 16:03:27   来源:新华国际   评论:0 点击:

导读:新华网1月2日电 据美国科技博客Gizmodo报道,奥巴马政府一年多来一直强调美国的基础设施会遭到网络攻击,但是2013年初一场几乎没人提到的针对发电厂的物理攻击证明,我们不应该忽视传统威
\(图片来源于网络)
   新华网1月2日电 据美国科技博客Gizmodo报道,奥巴马政府一年多来一直强调美国的基础设施会遭到网络攻击,但是2013年初一场几乎没人提到的针对发电厂的物理攻击证明,我们不应该忽视传统威胁。
    最近《外交政策》杂志报道的这次攻击看起来很像乔治·克鲁尼的电影。《外交政策》写道:
    4月16日早上大约1点,至少一人(可能是两个)进入了PG&E Metcalf位于圣何塞东南部一处变电所的四个工作井,切断了变电所附近的线缆。这切断了当地911服务、变电所的固定电话和本地区的本地区的手机连接。……两名警官说,入侵者用高功率的步枪向几个变压器打了100多枪。变电所一个区域内的10台变压器被损坏,另一个区域的3台变压器组也被击中。
    变压器组中的冷却油泄露出来后导致变压器过热停机。
    想想一下,如果这种攻击针对的是旧金山或者纽约会怎么样。这些攻击可以精确地干扰列车运行,甚至导致出轨或相撞。水处理厂可能失去电力,使有毒废物进入饮用水。数千人,乃至数百万人命悬一线。
    火车出轨、有毒化学物泄漏这样的场景,跟奥巴马去年在《华尔街日报》一个专栏上发表的关于基础设施网络攻击描述的情况基本一样。这样的攻击可以由一批恶意软件来制造,也可以由一批持枪歹徒来制造,就像过去那样。
    Gizmodo联络到《管道》一书的作者安德鲁·布鲁姆,询问他关于互联网物理弱点的研究。在新书宣传中,布鲁姆提出了“四工作井理论”,即四个位置合适的工作井可能成为攻击目标,从而中断美国的互联网连接。《外交政策》上描述的这场攻击也许是早期的“四工作井理论”的案例,只不过不那么成功而已?布鲁姆有些怀疑,他把这些工作井和城市传奇联系在了一起。
    布鲁姆说:
    在撰写《管道》一书的时候,我听到有关“四工作井理论”的声音:美国互联网只需要四个工作井就能被卡住脖子。但这从来没有得到证实。这也许是网络工程师和数据中心运营商喜欢的城市传奇——尤其是某个这样的工作井正巧不在他们的建筑里。是的,美国有那么五六栋大楼远离重要的互联网交汇点,但是他们有冗余光纤提供服务。这样就不是四个工作井了,甚至不是16个,也许是64个。但是“64工作井理论”听起来就没那么响亮了。
    因此,在联邦政府投入数十亿美元加强国家网络安全的时候,还是有必要记住那些老式的攻击方法同样有效。就像联邦能源监管委员会主席乔恩·维林霍夫在11月说的那样,组织这样的攻击可能只需要建高一点的围墙。维林霍夫说,在变压器旁边安装保护性的金属板只需要“几百美元”。
    很搞笑吧,有些最可怕的问题解决起来却最简单。
    译者:林杉
    百度新闻与新华网国际频道合作稿件,转载请注明出处。
  Is the Internet More Vulnerable To Physical Attacks Than To Hacking?
    The Obama administration has been stoking the fires of fear about a cyberattack on America's infrastructure for well over a year now, but a little-discussed physical attack on a power plant earlier this year suggests we shouldn't ignore more traditional threats.
    The attack, recently chronicled by Foreign Policy, sounds like something out of a George Clooney movie. FP sums it up thusly:
    Around 1:00 AM on April 16, at least one individual (possibly two) entered two different manholes at the PG&E Metcalf power substation, southeast of San Jose, and cut fiber cables in the area around the substation. That knocked out some local 911 services, landline service to the substation, and cell phone service in the area… The intruder(s) then fired more than 100 rounds from what two officials described as a high-powered rifle at several transformers in the facility. Ten transformers were damaged in one area of the facility, and three transformer banks—or groups of transformers—were hit in another…
    Cooling oil then leaked from a transformer bank, causing the transformers to overheat and shut down.
    Imagine if such an attack had targeted San Francisco or New York City. It could easily be timed to interrupt train service, possibly causing a derailment or collision. A water treatment plan could lose power, leading to toxic chemicals spilling into the drinking water. Thousands, if not millions, of lives could be on the line.
    That train-derailing, toxic-chemical-spilling scenario is exactly what President Obama warned about last summer in an editorial column about the threat of a cyberattack on our infrastructure, published in the Wall Street Journal. Such an attack could be caused by a batch of really bad malware—or by a bunch of bad guys with guns, just like in the old days.
    Gizmodo got in touch with Andrew Blum, author of Tubes, to ask about his own research into the physical vulnerabilities of the internet. In his public appearances for the book, Blum has mentioned something called the "Four Manhole Theory," about four particularly well-placed (or is it ill-placed?) manholes that could be targeted to shut down the internet in the United States. Might the attack described in Foreign Policy have been an early, failed indication about what a Four Manhole Attack might look like? Blum was skeptical, likening the very existence of these manholes to an urban legend.
    As Blum explained to Gizmodo:
    Several times in my research for Tubes, I heard murmurs about the "Four Manhole Theory": the idea that there were just four manholes in the U.S. that served as choke-points for the Internet. But it never checked out. It's the kind of urban legend that network engineers and data center operators love—particularly if one of those supposed manholes is just outside their building. Certainly, there are a half-dozen buildings in the U.S. that are far and away the most important meeting points of Internet networks (I visit them in the book). But they're served by multiply redundant fiber-optic cables. It's not four manholes. It's probably not even 16. Maybe it's 64. But the "64 Manhole Theory" doesn't have the same ring to it.
    So, with the federal government investing billions of dollars beefing up our nation's cybersecurity, it's important to remember that old-fashioned criminals still have their ways. As the Federal Energy Regulatory Commission chairman Jon Wellinghoff suggested last month, defending against these kinds of attacks could be as simple as building bigger fences. Wellinghoff said it would only cost a "couple hundred bucks" to install protective metal sheets around transformers.
    Funny how the scariest problems sometimes have the simplest solutions.

相关热词搜索:子弹 同样 可以

上一篇:印尼网络攻击全球最多 好奇高中生欲入侵政府网
下一篇:微软XP系统停摆倒计时:国内安全公司迎来商机

分享到: 收藏